summaryrefslogtreecommitdiffstats
path: root/net/http/http_network_transaction_unittest.cc
diff options
context:
space:
mode:
Diffstat (limited to 'net/http/http_network_transaction_unittest.cc')
-rw-r--r--net/http/http_network_transaction_unittest.cc142
1 files changed, 142 insertions, 0 deletions
diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
index 5714543..ea087d0 100644
--- a/net/http/http_network_transaction_unittest.cc
+++ b/net/http/http_network_transaction_unittest.cc
@@ -6373,4 +6373,146 @@ TEST_F(HttpNetworkTransactionTest, SpdyPostNPNServerHangup) {
HttpNetworkTransaction::SetUseAlternateProtocols(false);
}
+TEST_F(HttpNetworkTransactionTest, SpdyAlternateProtocolThroughProxy) {
+ // This test ensures that the URL passed into the proxy is upgraded
+ // to https when doing an Alternate Protocol upgrade.
+ HttpNetworkTransaction::SetUseAlternateProtocols(true);
+ HttpNetworkTransaction::SetNextProtos(
+ "\x08http/1.1\x07http1.1\x06spdy/2\x04spdy");
+
+ SessionDependencies session_deps(CreateFixedProxyService("myproxy:70"));
+ HttpAuthHandlerMock::Factory* auth_factory =
+ new HttpAuthHandlerMock::Factory();
+ HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock();
+ auth_factory->set_mock_handler(auth_handler, HttpAuth::AUTH_PROXY);
+ auth_factory->set_do_init_from_challenge(true);
+ session_deps.http_auth_handler_factory.reset(auth_factory);
+
+ HttpRequestInfo request;
+ request.method = "GET";
+ request.url = GURL("http://www.google.com");
+ request.load_flags = 0;
+
+ // First round goes unauthenticated through the proxy.
+ MockWrite data_writes_1[] = {
+ MockWrite("GET http://www.google.com/ HTTP/1.1\r\n"
+ "Host: www.google.com\r\n"
+ "Proxy-Connection: keep-alive\r\n"
+ "\r\n"),
+ };
+ MockRead data_reads_1[] = {
+ MockRead(false, ERR_TEST_PEER_CLOSE_AFTER_NEXT_MOCK_READ),
+ MockRead("HTTP/1.1 200 OK\r\n"
+ "Alternate-Protocol: 443:npn-spdy/2\r\n"
+ "Proxy-Connection: close\r\n"
+ "\r\n"),
+ };
+ StaticSocketDataProvider data_1(data_reads_1, arraysize(data_reads_1),
+ data_writes_1, arraysize(data_writes_1));
+
+ // Second round tries to tunnel to www.google.com due to the
+ // Alternate-Protocol announcement in the first round. It fails due
+ // to a proxy authentication challenge.
+ // After the failure, a tunnel is established to www.google.com using
+ // Proxy-Authorization headers. There is then a SPDY request round.
+ //
+ // NOTE: Despite the "Proxy-Connection: Close", these are done on the
+ // same MockTCPClientSocket since the underlying HttpNetworkClientSocket
+ // does a Disconnect and Connect on the same socket, rather than trying
+ // to obtain a new one.
+ //
+ // NOTE: Originally, the proxy response to the second CONNECT request
+ // simply returned another 407 so the unit test could skip the SSL connection
+ // establishment and SPDY framing issues. Alas, the
+ // retry-http-when-alternate-protocol fails logic kicks in, which was more
+ // complicated to set up expectations for than the SPDY session.
+
+ scoped_ptr<spdy::SpdyFrame> req(ConstructSpdyGet(NULL, 0, false, 1, LOWEST));
+ scoped_ptr<spdy::SpdyFrame> resp(ConstructSpdyGetSynReply(NULL, 0, 1));
+ scoped_ptr<spdy::SpdyFrame> data(ConstructSpdyBodyFrame(1, true));
+
+ MockWrite data_writes_2[] = {
+ // First connection attempt without Proxy-Authorization.
+ MockWrite("CONNECT www.google.com:443 HTTP/1.1\r\n"
+ "Host: www.google.com\r\n"
+ "Proxy-Connection: keep-alive\r\n"
+ "\r\n"),
+
+ // Second connection attempt with Proxy-Authorization.
+ MockWrite("CONNECT www.google.com:443 HTTP/1.1\r\n"
+ "Host: www.google.com\r\n"
+ "Proxy-Connection: keep-alive\r\n"
+ "Proxy-Authorization: auth_token\r\n"
+ "\r\n"),
+
+ // SPDY request
+ CreateMockWrite(*req),
+ };
+ const char kRejectConnectResponse[] = ("HTTP/1.1 407 Unauthorized\r\n"
+ "Proxy-Authenticate: Mock\r\n"
+ "Proxy-Connection: close\r\n"
+ "\r\n");
+ const char kAcceptConnectResponse[] = "HTTP/1.1 200 Connected\r\n\r\n";
+ MockRead data_reads_2[] = {
+ // First connection attempt fails
+ MockRead(false, ERR_TEST_PEER_CLOSE_AFTER_NEXT_MOCK_READ, 1),
+ MockRead(true, kRejectConnectResponse,
+ arraysize(kRejectConnectResponse) - 1, 1),
+
+ // Second connection attempt passes
+ MockRead(true, kAcceptConnectResponse,
+ arraysize(kAcceptConnectResponse) -1, 4),
+
+ // SPDY response
+ CreateMockRead(*resp.get(), 6),
+ CreateMockRead(*data.get(), 6),
+ MockRead(true, 0, 0, 6),
+ };
+ scoped_refptr<OrderedSocketData> data_2(
+ new OrderedSocketData(data_reads_2, arraysize(data_reads_2),
+ data_writes_2, arraysize(data_writes_2)));
+
+ SSLSocketDataProvider ssl(true, OK);
+ ssl.next_proto_status = SSLClientSocket::kNextProtoNegotiated;
+ ssl.next_proto = "spdy/2";
+ ssl.was_npn_negotiated = true;
+
+ session_deps.socket_factory.AddSocketDataProvider(&data_1);
+ session_deps.socket_factory.AddSocketDataProvider(data_2.get());
+ session_deps.socket_factory.AddSSLSocketDataProvider(&ssl);
+ scoped_refptr<HttpNetworkSession> session(CreateSession(&session_deps));
+
+ // First round should work and provide the Alternate-Protocol state.
+ TestCompletionCallback callback_1;
+ scoped_ptr<HttpTransaction> trans_1(new HttpNetworkTransaction(session));
+ int rv = trans_1->Start(&request, &callback_1, BoundNetLog());
+ EXPECT_EQ(ERR_IO_PENDING, rv);
+ EXPECT_EQ(OK, callback_1.WaitForResult());
+
+ // Second round should attempt a tunnel connect and get an auth challenge.
+ TestCompletionCallback callback_2;
+ scoped_ptr<HttpTransaction> trans_2(new HttpNetworkTransaction(session));
+ rv = trans_2->Start(&request, &callback_2, BoundNetLog());
+ EXPECT_EQ(ERR_IO_PENDING, rv);
+ EXPECT_EQ(OK, callback_2.WaitForResult());
+ const HttpResponseInfo* response = trans_2->GetResponseInfo();
+ ASSERT_FALSE(response == NULL);
+ ASSERT_FALSE(response->auth_challenge.get() == NULL);
+
+ // Restart with auth. Tunnel should work and response received.
+ TestCompletionCallback callback_3;
+ rv = trans_2->RestartWithAuth(kFoo, kBar, &callback_3);
+ EXPECT_EQ(ERR_IO_PENDING, rv);
+ EXPECT_EQ(OK, callback_3.WaitForResult());
+
+ // After all that work, these two lines (or actually, just the scheme) are
+ // what this test is all about. Make sure it happens correctly.
+ const GURL& request_url = auth_handler->request_url();
+ EXPECT_EQ("https", request_url.scheme());
+ EXPECT_EQ("www.google.com", request_url.host());
+
+ HttpNetworkTransaction::SetNextProtos("");
+ HttpNetworkTransaction::SetUseAlternateProtocols(false);
+}
+
} // namespace net
generated by cgit v1.1 at 2025-02-25 00:34:15 +0000